Leidos has an immediate opening for an experienced, and motivated Identity & Access Management (IAM) Cloud Security Engineer to join our Identity and Access Management Group. In this role, you will work within the Security Engineering and Architecture (SAE) organization supporting all security aspects of Leidos enterprise and line of business cloud initiatives. The role focuses on developing and implementing Leidos' cloud defense strategy and balancing customer needs with security best practices. You will be expected to provide technical cybersecurity subject matter expertise spanning AWS, Azure, and Google infrastructure. Finally, you will provide written documentation including whitepapers and Standard Operating Procedures (SOPs) to contribute to the technical innovation that will evolve Leidos' cloud defensive capabilities and methodologies.
This position can be supported from one of the following locations: Gaithersburg - MD, Orlando - FL, or Reston - VA. We will also consider telecommute option for the right candidate.
- Act as a Cloud technical cybersecurity Subject Matter Expert (SME) to meet current and future security design, and architecture requirements for IaaS, PaaS, and SaaS implementations.
- Be a SME in the capabilities, APIs, and shared security models for Leidos' enterprise cloud deployment.
- Participate in enterprise projects and advocate security, architecture and engineering best practices.
- Collaborate using information and knowledge sharing networks and professional relationships to achieve common goals between technical and non-technical personnel.
- Proficient in developing documentation as in system design, concept of operations and architecture diagramming.
- Bachelor's degree and minimum 8 years of relevant experience.
- AWS Certified Cloud Practitioner or Microsoft Certified Azure Fundamentals
- Demonstrated experience managing identities between on-prem and cloud.
- Demonstrated experience deploying/operating cloud security enterprise technologies.
- US citizenship us required and able to obtain security clearance.
- Ability to effectively convey information security and risk-related concepts via written and verbal communication to both technical and non-technical audiences.
- Must have strong problem-solving and analytical skills and demonstrate poise and ability to act calmly and competently in a fast paced environment.
- Demonstrated experience with the capabilities and APIs of one major cloud provider (AWS, Azure, or Google).
- Demonstrated expertise in Cloud and off-premises security best practices.
- Strong scripting abilities in at least one Language (C, C#, PowerShell, etc)
- Experience with VPC configurations to effectively isolate different cloud environments.
- Experience with industry standard virtualized networking components (Cloud application firewalls, Cloud Services Routers, Cloud Gateways, etc.).
- Fundamental understanding of networks and network protocols, on premises and cloud.
Special consideration will be given to candidates with any, or multiple, of the following qualifications:
- AWS Certified SysOps Administrator
- AWS Certified Solutions Architect
- AWS Certified Networking
- AWS Certified Security Specialty
- Microsoft Certified Azure Administrator Associate
- Microsoft Certified Azure Solutions Architect
- Demonstrated experience with the capabilities and APIs of multiple major cloud providers (AWS, Azure, Google).
- Experience within common enterprise cloud applications SaaS (O365, etc.).
- Experience integrating security controls from cloud environments to provide a holistic enterprise security view.
- Experience designing and provisioning security architectures at enterprise scale.
- Experience authoring enterprise cloud security policies, or establishing an enterprise cloud security strategy.
- Experience deploying or maintaining cloud access security broker (CASB) solutions.
- Experience performing security risks/capability benefit analysis for cloud applications to establish a concise cloud application/API baseline.
- Experience implementing multi-factor authentication for SaaS applications.
- Experience working with mobile applications that rely on cloud-based software and/or data.
- Experience obtaining and centralizing cloud audit data and associated capabilities.
- Experience working with Department of Defense (DoD) DFARS, US Federal FAR and ITAR regulatory requirements.